For those of you who know me, Henry was my basset hound, and the fictitious name used during (ahem) special research. I'm a former intelligence officer, a professional analyst, and a blogger since 2004 writing about my experiences on the journey --information security, cyber intelligence, education, thoughts. Some love my writings others hate it. If you like it, follow me!

Friday, May 03, 2013

Why are there so few “feel good” stories about cyber
security? Almost daily, we’re warned
about a new zero-day exploit or told of another organization that has been
compromised by the bad guys. We all have a tendency to wonder if we’ll ever
get ahead? We will and we are! There’s great things
happening in cyber security and it’s time we focus on the good news!

To be fair, we’re in a profession where we keep the
scoreboard hidden from the spectators.
Many of us in security live our professional lives behind closed doors
and our day to day activities are cloaked in secrecy. Often the only face time we get with those in
the C-suite is when something has gone horribly wrong but here’s food for
thought; for every high profile breach there are a thousand other organizations
that thwarted one. We are ever closing the gap as a more smart people enter the field and we identify and perfect our best practices. I take comfort see these numbers grow daily.

Cyber security professionals are doing amazing things and we
ARE making incredible advances in protecting our networks from our adversaries.
Fact is, we got out of the gates really
late and the competition has a wide lead on us but we’re learning every day and we're closing in. We're learning, we're getting smarter, and we're going to catch up!

We have learned a lot about what not to do but we can, and do, learn a
great deal more from those who are doing things right. By focusing on the positive and opening a new
dialogue that includes the creative, intelligent, and resourcefulness of the
many brilliant people on our side, we can focus our attention on what defensive
measures really work and apply them where they are most effective.

Red Sky asked organizations to share their good news with us
and describe their successes so we could share them with others – the results
were very compelling! In our whitepaper,
“How Great Companies Fight Targeted
Attacks and APT” we documented the responses we received from
organizations from very mature incident response teams. There were many different approaches, but
what we discovered was almost all had seven fundamental actions in common. We concluded that if executed well, any
organization can be equally effective in protecting themselves from the bad
guys. If you want to know how you stack
up, see how to get a copy of this whitepaper below.

With full intention of focusing on the positive, we found
that organizations were more eager to share their successes where they were more reluctant
to share their failures. Every day, I
have the privilege of seeing the positive in action. Whether it be one organization sharing threat
intelligence with the Red Sky community or another organization lending
assistance to a less experienced incident response team – I can’t help but seeing
a tide of good news building in cyber security!

I challenge you to take the time and focus on the positive
things that are happening in cyber security.
What actions have you or your organization taken that has had positive
results? How can you build upon those
successes and do you share them with others?
I bet if you do, you’ll find there is an abundance of good news!

If you’re interested in our whitepaper, “How Great Companies Fight Targeted
Attacks and APT”, interested in the positive things we’re doing in Red
Sky, or simply want to share your good news with our membership, please reach
out to me at rgamache@redskyalliance.org

BT BT

The response to our opening of Wapack Labs in Manchester, New
Hampshire has been an extremely positive one!
Focusing on digital forensics, Wapack Labs is a fully functional data
forensics laboratory specializing in computer, network, and cell phone
investigations.

If you have a need for court admissible reporting and
digital forensics work for employee misuse, non-compete violations, network
intrusion, intellectual property theft, and copyright infringement cases please
reach out to our lab’s lead forensics analyst, Derek Kirmes at dkirmes@wapacklabs.com or read his
blog at http://wapacklabs.blogspot.com/
Derek has put together a really good post this week about the problems that may
occur when an employee leaves your organization!